Report - www.sobeteracotafancris.ro/eng/gate.php

Report Overview

Submitted URL
www.sobeteracotafancris.ro/eng/gate.php
IP
194.36.141.112
ASN
#50939 Space Ro SRL
Submitted
2023-01-24 06:10:38
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
122

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	69 kB	216.58.207.227
sobeteracotafancris.ro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	12 kB	194.36.141.112
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.41.15
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.sobeteracotafancris.ro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	411 kB	194.36.141.112
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	50 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	www.sobeteracotafancris.ro/eng/gate.php	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/eng/gate.php	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/css/layout.css?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439	Malware
2023-01-24	medium	www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed
2023-01-24	medium	sobeteracotafancris.ro	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-17
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 08:02:08 Times Seen37986 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4	1.9 kB	2023-03-07	2024-04-14
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-14 23:43:23 Times Seen898 Hash ecd2988783bb4e49f6a242620d54ac21 6863076f3f4c1d0203e511258703af9f02fc97a7 20fbf71645de91c6368d758f878b980c72bce11166a26902bc3e9625eac51833 Loading...

	www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1	65 kB	2023-03-07	2024-03-28
Pretty URL www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-28 19:23:41 Times Seen660 Hash 9e0cb44ca244750e4020377345c29755 1601c943bc708568798ce0ab4b3b4a5b5c5e727b 16158ddcd7503a0ee4fe385cb273df2f116b7790845c9d420028d6816f1b3a54 Loading...

	www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1	9.7 kB	2023-03-07	2024-04-18
Pretty URL www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-18 02:50:17 Times Seen4620 Hash cfb428c02811f0cbe515d5f3dca61de6 e95f8696fbe29a706e66ccf582b36d9bd650ab9f 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78 Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1	12 kB	2023-03-07	2024-04-15
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-15 11:35:11 Times Seen457 Hash 1d376be55e51aea00d432f6659d3e0d1 cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b 34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6 Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4	72 kB	2023-03-09	2023-12-16
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:50:38 Last Seen2023-12-16 00:37:33 Times Seen8 Hash fee7bff8b5fc27937eac72e51ed08c5c e367eced25b5c2fb10eb5fff07a8b8030cbf33b5 2e65afc32acf9719e21c69663ac2366ac642001e5875e46791cb37c7518dcc98 Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4	53 kB	2023-03-07	2024-04-14
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-14 23:43:23 Times Seen1005 Hash bcff4f0f0eaaf75435e924eec527616d fe1e7850635b2a1564e8f7f3195617d2eaba73d7 552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329 Loading...

	www.sobeteracotafancris.ro/eng/gate.php	1.0 kB	2023-03-07	2024-04-15
Pretty URL www.sobeteracotafancris.ro/eng/gate.php IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-15 13:39:14 Times Seen1718 Hash 501a4cfc020caaba2b514ad6836778c8 b6f36f22e2f69d3fda381e2dbbd6b4a735a766ed c02c68afc5ec8e181ad157c1eb94bb232fb9a077178311fd96abe6178fbe01dd Loading...

	www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-17
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 19:29:14 Times Seen15468 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-16
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-16 21:01:17 Times Seen3640 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1	8.8 kB	2023-03-07	2024-04-15
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:06 Last Seen2024-04-15 11:35:11 Times Seen294 Hash 98f09b434a4910c56d74bcabc23ac05b c52a1a8e6e5823f859ed4123a00d730237c39893 73e77da1e0317a722f4c849f2f40227d33eecbdb930b04df897a78d993180b16 Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4	196 kB	2023-03-07	2024-04-14
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:32 Last Seen2024-04-14 23:43:23 Times Seen231 Hash 436788b818125f41a42025dcad40fee1 3d5f058aec1e0977db367438dc9ddb520ea14d7f d5d8451a6e9625d61190156d92fbba3ce6e3035c04d9f970e70a17984cd48e36 Loading...

	www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3	190 B	2023-03-13	2024-02-07
Pretty URL www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:35:36 Last Seen2024-02-07 10:24:10 Times Seen20 Hash 8311b286dcf9251ff07dcd650b6e069e 042dd3baa3fa332c05b6528dc37a5f603fe7617f 68cac90431f771257dc3ec04fd0adccf63b6602ef714b77236a272fef0d03695 Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4	6.7 kB	2023-03-07	2024-04-14
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:42 Last Seen2024-04-14 23:43:23 Times Seen523 Hash af31b2d759ddae795f623b8ff403c3ef a45db8f433ad5d481258e452d75e444f02a0473d 473fbe193000b252278e08104106331b16cd71d1d671d52062d98b283a95b94e Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	3.4 kB	2023-03-07	2024-04-15
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-15 11:35:11 Times Seen623 Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1 8215983363ea0d74f99368336404b0d27217778f 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df Loading...

	www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4	2.4 kB	2023-03-07	2024-04-14
Pretty URL www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:58 Last Seen2024-04-14 23:43:23 Times Seen385 Hash e4d4cffb64803083612228d0e7a423e9 a6713651d72216842540255d86d851c99118a7af 3ccc8643f026c9ab87c4ad59b374793b8dab43e53e5ebf1a59644d24c06ea723 Loading...

	www.sobeteracotafancris.ro/eng/gate.php	278 B	2023-03-07	2024-01-23
Pretty URL www.sobeteracotafancris.ro/eng/gate.php IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:07:06 Last Seen2024-01-23 00:49:35 Times Seen63 Hash 829ee0996783f60fbba1def93829c402 330dca97df9fbd9f7d82bb6636a29561444190bf b4f367540f5ee462078d40e59924f9c30f2bca8d9c27db0d002e843f96bf1103 Loading...

	www.sobeteracotafancris.ro/eng/gate.php	2.2 kB	2023-03-13	2023-03-29
Pretty URL www.sobeteracotafancris.ro/eng/gate.php IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:35:36 Last Seen2023-03-29 23:41:26 Times Seen2 Hash ca528af622f30d5364fd6ebd58732cb3 d28eb762ca2957707dd9f29a7c71ac43d2ea5893 370a6de2138009f989c32028e45ef1db3db25567980358884dd248eadac05959 Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-18
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-18 06:37:26 Times Seen68467 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 07:03:37 Times Seen36929626 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0	8.4 kB	2023-03-07	2024-04-16
Pretty URL www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:15 Last Seen2024-04-16 10:51:58 Times Seen473 Hash 160f2338560b79eb0814d236b48b04fa 301abf368f41f578ef7e956140e0f8d466cda78d c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e Loading...

	www.sobeteracotafancris.ro/eng/gate.php	140 B	2023-03-13	2023-12-16
Pretty URL www.sobeteracotafancris.ro/eng/gate.php IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:35:36 Last Seen2023-12-16 00:37:33 Times Seen3 Hash 860358fd5e8d3e1a10380b975e98eef3 ea5cf1d5a7e17315624c0e8e17420766bb15aceb 9b2fde29ac441836688e8f2d863ca860b17efc3982fe6d6e9ef7427923102c74 Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-18
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-18 06:37:26 Times Seen31726 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1	26 kB	2023-03-07	2024-04-15
Pretty URL www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-15 11:35:11 Times Seen352 Hash 9c987714777529a5e2b4afd81a1f2f7f 8248ee40c640ae5c4afb9753c7e30176a3728038 6d4f84a86bb86352e951b6c9af87c3411920e6bdbc2f407b17af06e1ab5caaa4 Loading...

	www.sobeteracotafancris.ro/eng/gate.php	466 B	2023-03-13	2023-03-13
Pretty URL www.sobeteracotafancris.ro/eng/gate.php IP 194.36.141.112 ASN #50939 Space Ro SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:35:36 Last Seen2023-03-13 06:35:37 Times Seen1 Hash cb5f7aa9793f7a291ba11f0e9c27cd73 422fbcd8439a199d34ede31916fc8e66fd8cf81c e8a0e2e056efe5a56e446c8263998e6b778934e3ad1546ae7c9958488f080799 Loading...

HTTP Transactions (68)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13462
Expires: Tue, 24 Jan 2023 09:54:49 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20701
Expires: Tue, 24 Jan 2023 11:55:28 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10822
Expires: Tue, 24 Jan 2023 09:10:49 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 05:35:05 GMT
content-type: application/json
age: 2122
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 02Nc81P0PsUtYc2jw8ZTVvyS18GioIds4JhSyO0JIWaMIMaUlLA8myn3FzAn89pMc+W6SUPuoNsLz4KZo+qRIA==
x-amz-request-id: C39V0HK620AJS398
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 05:48:01 GMT
age: 1346
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:10:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/eng/gate.php

194.36.141.112

301 Moved Permanently

0 B

URL HTTP/1.1
www.sobeteracotafancris.ro/eng/gate.php
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /eng/gate.php HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.sobeteracotafancris.ro/eng/gate.php
content-length: 0
date: Tue, 24 Jan 2023 06:10:27 GMT
server: LiteSpeed
vary: User-Agent

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 05:17:31 GMT
age: 3176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:28 GMT
Last-Modified: Tue, 24 Jan 2023 04:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TNjMZlumQKm8MT/5AQW/ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eGaVka3Kn9rJeYEZCsr2OWr5Xcg=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive

www.sobeteracotafancris.ro/eng/gate.php

194.36.141.112

404 Not Found

22 kB

URL HTTP/2
www.sobeteracotafancris.ro/eng/gate.php
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31614), with CRLF, LF line terminators
Size
22 kB (21997 bytes)
Hash
e3d30b2322987b96b16ea665cd066c6c
76a23074c84c83ce9737cea76d89f4f015668aba
6f74175a4faabf862f8599d075be49c065e0781a81a5dc58a9b5f0dcb1301219

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /eng/gate.php HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.sobeteracotafancris.ro/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3411 bytes)
Hash
805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:49:41 GMT
age: 4847
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12102 bytes)
Hash
c29ea116f715297b757c81dab8d1b5f3
6aae9d763dec58740cdfbfe46f6c69986b81414d
09afde8ec60dd1471e0ce33ed11ae4542b6813ad02e2abf037629a8ae5cfe240

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12102
x-amzn-requestid: 54ba881d-c54b-49fa-a5b3-20b8d80f2a35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrNG1AIAMFxTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-1acbf1c34a4dbfdd506d3383;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHA4jmrQvf2RWyPB4RRjQNr_zvaDR07EMo2oHUT12GAE9QbTP3umnA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:53 GMT
age: 29135
etag: "6aae9d763dec58740cdfbfe46f6c69986b81414d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6979 bytes)
Hash
04af13ec975466fc3ef272576a3f152d
da2919e43cb4870ec1069a317a92972efeecf6a7
927033473cf2325ea89714abce53a15e95a0445982f974796e92d92b677e7ce5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 219af615-0af6-4614-912a-a92081806773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyw-GPpIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6c-14cfd71a76ab5e5251061abf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: --fbhmeBDMcDvYgc4wxQp5sJ83R83L3AJJ3vMzcBem5N20NQr-kwGw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:15:41 GMT
etag: "da2919e43cb4870ec1069a317a92972efeecf6a7"
content-type: image/jpeg
age: 28487
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7768 bytes)
Hash
056caf4190dfd50ec8ccd4c81906a3aa
a913fcf6f7e4250c70ea97e55d0f1cce5b144c50
1747b399960d4953c1154e1185afd9429f519799ac443e486042bd64b31183ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7768
x-amzn-requestid: 1acc401a-ede6-4079-8bdc-cbee1b1bfab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-BF4coAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca859-32a96bef2c041ade5f0fb021;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2VY8s0VM4Dl6c88tWYw3v3VSzc1ZQs9MlF6b-pvw-tb31Dn6cqPmg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:23:40 GMT
age: 6408
etag: "a913fcf6f7e4250c70ea97e55d0f1cce5b144c50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

194.36.141.112

200 OK

11 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 21:46:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1

194.36.141.112

200 OK

848 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 07:40:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8308 bytes)
Hash
91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZE7yDAT_YRseW7m410pGAwkWAwJ2HmuTlg2IbSvCbN20SJbmQ4Odg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:06:36 GMT
age: 29032
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1

194.36.141.112

200 OK

6.8 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (29418), with CRLF line terminators
Size
6.8 kB (6802 bytes)
Hash
c93ecbf2ac43754510e6d4329603400b
95e0661fb65a642c4ee6ab15c1de8565a8b15dcc
c95b05980f9f60c649e3fa580f2db69846a831f683f3a5fbc87e07987fde4586

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6802
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/style.css?ver=17.8.4

194.36.141.112

200 OK

284 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/style.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
284 B (284 bytes)
Hash
1977b66ae42e43541e03fa407835ede6
669794fe401533ebc5990f6174eda01b4191c1e2
3521c4873ac88cb86b5a117a13b1274666be77bcade661565de0d89ea74c8a4e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/style.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-length: 284
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4

194.36.141.112

200 OK

12 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (2051)
Size
12 kB (11583 bytes)
Hash
68afd554fbc717548ab5baa69db32914
5e655de68296775ab488eb522b9631870793c87c
7d2011296003bfc0ea966a52ebbe58603176b49099b437cfe23a9a280a2f1c07

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/base.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11583
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sobeteracotafancris.ro/wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4

194.36.141.112

200 OK

22 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (404)
Size
22 kB (21490 bytes)
Hash
90a1589e6a0aa6629a1d6b5893137839
557d1c76da2effebc6b582d7a7f0ab84c2b7fd23
8b37f539d6aa62aa860aef92bdc53f6ad0941f5dc898917b4e763e4b0c0271e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21490
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/css/layout.css?ver=17.8.4

194.36.141.112

200 OK

18 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/layout.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (401)
Size
18 kB (18484 bytes)
Hash
82b0c4a5383231120edd7f9f782c5dcb
25ceb5d2d1d62fc18c6da2b0690a10a0603093a7
41d5dd30997e385b7a5113160ab67ac9eb4a36c0061aa4a735d28c5d0dd66a6a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/layout.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18484
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4

194.36.141.112

200 OK

4.4 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (58508), with no line terminators
Size
4.4 kB (4426 bytes)
Hash
5c5fe8aa13d58b843d84f4a6e2e83632
2c3ee79ef50ac467448065b88a6eb1d4f1d38f41
edf9e107f9c9afea6091fb4a95408ff3318e4e03b2cbe446935a048d6b3522f1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4426
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4

194.36.141.112

200 OK

3.1 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (365)
Size
3.1 kB (3149 bytes)
Hash
d8e397de9b1352c0c71a9370d50fbb17
a21d7c1328f2052be377b901ad9c29afbfd4b761
d5e713edac70f4c255f476effe10ee8190e7dc408f13c96f4dbf79461bef97d3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3149
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4

194.36.141.112

200 OK

2.0 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
2.0 kB (1962 bytes)
Hash
7de2182f2c6379155b42e71392eae898
03ecb41aa42ff79dfdc81de08078fc1c64b42969
c80cc1180b321bece83d80957c5c04672ee20432e2de420e8f2e87957def17cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1962
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

194.36.141.112

200 OK

30 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 19:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/css/responsive.css?ver=17.8.4

194.36.141.112

200 OK

9.3 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/responsive.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (612)
Size
9.3 kB (9296 bytes)
Hash
8f3df104e4cab2ac30db8f2083e991c9
265aa999d03d4178f8a8f86a08b187bad102e647
e7855396a2d727742dedaa288572467891ff55d0dc5b77c6314f6d312f1d5b45

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/responsive.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9296
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4

194.36.141.112

200 OK

3.7 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (318)
Size
3.7 kB (3700 bytes)
Hash
7cd9857a07ba043a81aff1b373f0d82b
a2f8260ffa638ebd64bc7041dd5473fd0a70c8d1
9f65fada4c8cf08dc42185c79d2b8c29c0341a6332ad8302326fefd22feb8881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3700
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

194.36.141.112

200 OK

4.0 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 13:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3

194.36.141.112

200 OK

966 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (5326), with no line terminators
Size
966 B (966 bytes)
Hash
48cf0bd214254b0d3f4fcf6ca2eef55b
bd9baa2beb0a401d5e98f21f0ba5590592b949fc
97c70401af16ee85f949db582f98fab6d416455aa6be6448321a0bcf55826b2e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 01 Jun 2022 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 966
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

194.36.141.112

200 OK

2.4 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 15:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2354
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3

194.36.141.112

200 OK

190 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
190 B (190 bytes)
Hash
8311b286dcf9251ff07dcd650b6e069e
042dd3baa3fa332c05b6528dc37a5f603fe7617f
68cac90431f771257dc3ec04fd0adccf63b6602ef714b77236a272fef0d03695

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 13:42:54 GMT
accept-ranges: bytes
content-length: 190
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0

194.36.141.112

200 OK

1.8 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (8428), with no line terminators
Size
1.8 kB (1782 bytes)
Hash
9237cae5604b5d12484f699c74d1f156
08ec90bc0bd5e1f0ca86cf43e860e3f83fb2b9ad
1aa3e51dbfaa36ad1374a37ace707fe28ba519f7ad3ab7ce398c654ef1a52906

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1782
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1

194.36.141.112

200 OK

37 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (27287), with CRLF line terminators
Size
37 kB (37077 bytes)
Hash
43fdfea312349df889f659e31b6adb6a
bedc4e2532f363164a4b0324a7f891633be15756
952adbf6189b590337d34ba599c204940b990226647abe2b614fa55d2b92386c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 37077
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1

194.36.141.112

200 OK

17 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (64278), with CRLF line terminators
Size
17 kB (17204 bytes)
Hash
7984f11390a4317be840a9f9e768a177
c1c8bfe79b7d9ab752c5837d9bdac4ec2d1eb70d
f84b6a19f2f4aff0a0c8783b6c7f44b36a4ac4be111efd0bf195ba2c20afbefa

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 17204
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1

194.36.141.112

200 OK

3.1 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
HTML document, ASCII text, with very long lines (9720), with no line terminators
Size
3.1 kB (3050 bytes)
Hash
7b3d5adb95a380672e7d5da68b57b3c0
58db2566c56407e29d4557d912663b36ec328b14
aaa8914b936896ede7bb53ba3a4273d63bf82ed918efe0cfac6f2b3f4641a423

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 05:45:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3050
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

194.36.141.112

200 OK

6.6 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.6 kB (6637 bytes)
Hash
139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1

194.36.141.112

200 OK

3.8 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (11760)
Size
3.8 kB (3760 bytes)
Hash
cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3760
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1

194.36.141.112

200 OK

1.0 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (3233)
Size
1.0 kB (1000 bytes)
Hash
9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1

194.36.141.112

200 OK

2.6 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (8632)
Size
2.6 kB (2645 bytes)
Hash
d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2645
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1

194.36.141.112

200 OK

6.3 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
HTML document, ASCII text, with very long lines (25274)
Size
6.3 kB (6330 bytes)
Hash
a7e69a1542d0a43eddc8317544f17b1e
98e234ad57bc3362434b19a9706a12a208a6da9e
7ae4fdd186ab6ef0c5d2548e9bfb916e9c8556cffaf098ac2cfe1799fa9ab803

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6330
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4

194.36.141.112

200 OK

786 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
786 B (786 bytes)
Hash
b249852f15a52140ee19652056645405
7388ae07ca72cf206dac5b77a1f8f8b090c1eb12
8f625c15072a2506121029b2497a976f622c57394dc685486c4f00ae967bdd04

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/menu.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 786
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4

194.36.141.112

200 OK

547 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (1723)
Size
547 B (547 bytes)
Hash
da5e15e27446aebcbad9a1145cedf225
99a77f09e21fe97a048017d217d92e1a158df376
e6a52e6b7b24d6cf9b8baaaab5eca47304f0a7bce3df950b7edcd8479240af90

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 547
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4

194.36.141.112

200 OK

12 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (634)
Size
12 kB (12401 bytes)
Hash
b68168e0a22ec788141119157f946f19
dd48d653067b16138abc84bc59c8055c258decea
d8ae89b74017b5900d097fa4f4f48dd0bcf02b545b3331130aff64653ac29d37

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12401
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4

194.36.141.112

200 OK

52 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (32011)
Size
52 kB (52308 bytes)
Hash
35bb7e3d5fb0c34732555835dc6ec85b
88e97726988e89b23ea30592029f7163e6fe4304
bcc7d769c535cc8b34d2d52b20cd333ede7c7683b9f19e25c45f99ebd6eb41e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/plugins.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 52308
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4

194.36.141.112

200 OK

13 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
13 kB (13297 bytes)
Hash
8919a55bcf73b6de09ee3f0028c53c81
d0475ff336e5f18ddab1c7339d83e5f18363cb43
43e2de2b2d29bb94805e4ca60e2220e0e70d74daed8d7407e6e172eb8ba4f2c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/scripts.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 13297
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4

194.36.141.112

200 OK

1.6 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text
Size
1.6 kB (1579 bytes)
Hash
8298080669fed5b5bd751cf84c62fc68
b020542e267556e2168634e4fad1b6cb46fe625a
39bfeaf891a54294063810cdf74089c3d1d27ff92b95d98b847e2e3f477a83f8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1579
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

194.36.141.112

200 OK

4.6 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 09:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21820, version 1.0\012- data
Size
22 kB (21820 bytes)
Hash
d9eb1619ec469775fc634c44ed34e7d9
4ea252177e86b3f8390512caf26ab112b8b11f03
358b77e66f715be7f5676feec15e05ec8292a165f99ea95b345cf87adc075ede

HTTP Headers

GET /s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 00:56:25 GMT
expires: Mon, 22 Jan 2024 00:56:25 GMT
cache-control: public, max-age=31536000
age: 191644
last-modified: Wed, 07 Dec 2022 17:51:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sobeteracotafancris.ro/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439

194.36.141.112

200 OK

81 kB

URL HTTP/2
www.sobeteracotafancris.ro/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
Web Open Font Format, TrueType, length 80636, version 1.0\012- data
Size
81 kB (80636 bytes)
Hash
3da843d15ed5d4d39e269cfbad8345fb
1d915a3fd051f9e9cf6f545dfe31939fdb368738
f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/betheme/fonts/mfn-icons.woff?23391439 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: font/woff
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-length: 80636
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

fonts.gstatic.com/s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21496, version 1.0\012- data
Size
22 kB (21496 bytes)
Hash
43fc644dca9feec31fda0887a4fd7451
ef9a6f172f3eeb6e94cf9d01c85826a5b30234a6
3975d32ad727a7a56954c0491bee4af7ff1f3578cd3fc27c53802f3f604b2f05

HTTP Headers

GET /s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 19:40:11 GMT
expires: Tue, 23 Jan 2024 19:40:11 GMT
cache-control: public, max-age=31536000
age: 37818
last-modified: Wed, 07 Dec 2022 18:13:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22404, version 1.0\012- data
Size
22 kB (22404 bytes)
Hash
eded078156f1437b04fdff58fc1bc9fc
7623a93583add5e71039e436659600a0d513f145
e47ef21c70a3d03dc1bb7a44a728e7aa0e7c767c2d44a69c7baa52366effd113

HTTP Headers

GET /s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:16:08 GMT
expires: Tue, 23 Jan 2024 18:16:08 GMT
cache-control: public, max-age=31536000
age: 42861
last-modified: Wed, 07 Dec 2022 18:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sobeteracotafancris.ro/wp-content/uploads/2020/11/logo-soba.jpg

194.36.141.112

200 OK

12 kB

URL HTTP/2
sobeteracotafancris.ro/wp-content/uploads/2020/11/logo-soba.jpg
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Size
12 kB (11886 bytes)
Hash
f01dd4582e4aecb795bfcfb839839666
d36804d9ae882663f3e4298f3071db7945c2fbe0
07ce64eb5bd5f3abe06ebb0123b3059dee8453c3847127af87230a30bf35b24d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/logo-soba.jpg HTTP/1.1
Host: sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: image/jpeg
last-modified: Wed, 04 Nov 2020 13:46:28 GMT
accept-ranges: bytes
content-length: 11886
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7542f-09ef-434a-b70e-f01d4f85f536.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5390 bytes)
Hash
d10c7ff2225305bb4fef88b5e162ce89
01b2c47ee2463194e3209da8572628bc64553b90
43aa59f214eb5d6ec153e68f0e5d164be9fc2ef408efc2bddc29f223fe984721

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7542f-09ef-434a-b70e-f01d4f85f536.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5390
x-amzn-requestid: 293c5b91-66f2-4c09-8c43-bb2c1a80d387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrPEAIoAMFbVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-7f8a124e65873e2a69527dfb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tyGLhuKsD5FALIW6cv0k4Jd3VwK1W1nYQfv6NBcjFQ74u0RRBnQECQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:47 GMT
etag: "01b2c47ee2463194e3209da8572628bc64553b90"
content-type: image/jpeg
age: 29628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:10:28 GMT
date: Tue, 24 Jan 2023 06:10:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

194.36.141.112

200 OK

0 B

URL HTTP/2
www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
194.36.141.112:0
ASN
#50939 Space Ro SRL

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 15:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6872
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML